group(5) [freebsd man page]
GROUP(5) BSD File Formats Manual GROUP(5) NAME
group -- format of the group permissions file DESCRIPTION
The group file is the local source of group information. It can be used in conjunction with the Hesiod domain `group', and the NIS maps `group.byname' and `group.bygid', as controlled by nsswitch.conf(5). The file group consists of newline separated ASCII records, one per group, containing four colon ':' separated fields. These fields are as follows: group Name of the group. passwd Group's encrypted password. gid The group's decimal ID. member Group members. Lines whose first non-whitespace character is a pound-sign (#) are comments, and are ignored. Blank lines that consist only of spaces, tabs or newlines are also ignored. The group field is the group name used for granting file access to users who are members of the group. The gid field is the number associ- ated with the group name. They should both be unique across the system (and often across a group of systems) since they control file access. The passwd field is an optional encrypted password. This field is rarely used and an asterisk is normally placed in it rather than leaving it blank. The member field contains the names of users granted the privileges of group. The member names are separated by commas without spaces or newlines. A user is automatically in a group if that group was specified in their /etc/passwd entry and does not need to be added to that group in the group file. IMPLEMENTATION NOTES
The passwd(1) command does not change the group passwords. The pw(8) utility's groupmod command should be used instead. LIMITS
There are various limitations which are explained in the function where they occur; see section SEE ALSO. In older implementations, a group cannot have more than 200 members. The maximum line length of /etc/group is 1024 characters. Longer lines will be skipped. This limitation disappeared in FreeBSD 3.0. Older binaries that are statically linked, depend on old shared libraries, or non-FreeBSD binaries in compatibility mode may still have this limit. FILES
/etc/group SEE ALSO
newgrp(1), passwd(1), setgroups(2), crypt(3), getgrent(3), initgroups(3), nsswitch.conf(5), passwd(5), chkgrp(8), pw(8), yp(8) HISTORY
A group file format appeared in Version 6 AT&T UNIX. Support for comments first appeared in FreeBSD 3.0. BSD
February 8, 2013 BSD
Check Out this Related Man Page
group(4) Kernel Interfaces Manual group(4) NAME
group, logingroup - group file, grp.h DESCRIPTION
contains for each group the following information: o group name o encrypted password o numerical group ID o comma-separated list of all users allowed in the group The file is an ASCII file. Fields are separated by colons, and each group is separated from the next by a new-line. No spaces should sep- arate the fields or parts of fields on any line. If the password field is null, no password is associated with the group. There are two files of this form in the system, and The file exists to supply names for each group, and to support changing groups by means of the utility (see newgrp(1)). provides a default group access list for each user via and (see login(1) and initgroups(3C)). The real and effective group ID set up by for each user is defined in (see passwd(4)). If is empty, the default group access list is empty. If and are links to the same file, the default access list includes the entire set of groups associated with the user. The group name and password fields in are never used; they are included only to give the two files a uniform format, allowing them to be linked together. All group IDs used in or should be defined in These files reside in directory Because of the encrypted passwords, these files can and do have general read permission and can be used, for example, to map numerical group IDs to names. The group structure is defined in and includes the following members: NETWORKING FEATURES
NIS The file can contain a line beginning with a plus which means to incorporate entries from Network Information Services (NIS). There are two styles of entries: means to insert the entire contents of NIS group file at that point, and means to insert the entry (if any) for name from NIS at that point. If a entry has a non-null password or group member field, the contents of that field overide what is contained in NIS. The numerical group ID field cannot be overridden. A group file can also have a line beginning with a minus these entries are used to disallow group entries. There is only one style of entry; an entry that consists of means to disallow any subsequent entry (if any) for name. These entries are disallowed regardless of whether the subsequent entry comes from the NIS or the local group file. WARNINGS
Group files must not contain any blank lines. Blank lines can cause unpredictable behavior in system administration software that uses these files. Group ID (gid) 9 is reserved for the Pascal Language operating system and the BASIC Language operating system. These are operating systems for Series 300/400 computers that can co-exist with HP-UX on the same disk. Using this gid for other purposes can inhibit file transfer and sharing. The length of each line in is limited to as defined in Because of this limit, users should not be listed in their primary group - only in their additional groups. If is linked to group membership for a user is managed by NIS, and no NIS server is able to respond, that user cannot log in until a server does respond. There is no single tool available to completely ensure that and are compatible. However, and can be used to simplify the task (see pwck(1M)). There is no tool for setting group passwords in DEPENDENCIES
NIS Here is a sample file: Group has a gid of 1 and members and The group is ignored since it appears after the entry Also, the group has members and and the password and group ID of the NIS entry for the group All groups listed in the NIS are pulled in and placed after the entry for The plus and minus features are part of NIS. Therefore if NIS is not installed, these features cannot work. FILES
SEE ALSO
groups(1), newgrp(1), passwd(1), setgroups(2), crypt(3C), getgrent(3C), initgroups(3C), passwd(4). STANDARDS CONFORMANCE
group(4)